DOCKER学习_010:Docker的文件系统以及制作镜像
一 文件系统简介
1.1 Linux文件系统
LInux空间组成分为内核空间和用户空间(使用rootfs)
linux文件系统由 bootes和 rootfs组成, bootes主要包含boot1 oader和 kernel, bootloader主要是引导加载 kernel,当 kernel被加载到内存之后 boots就被卸载掉了。 rootfs包含的就是典型1inux系统中的/dev,/proc,/bin,/etc等标准目录
对于docker,只是使用rootfs,因为bootfs是共享的
1.2 docker的base镜像
docker的Base镜像提供的是最小安装的linux发行版
1.3 镜像的分层结构
[root@docker-server3 ~]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
8ec398bc0356: Already exists
465560073b6f: Pull complete
f473f9fd0a8c: Pull complete #镜像的分层
Digest: sha256:b2d89d0a210398b4d1120b3e3a7672c16a4ba09c2c4a0395f18b9f7999b768f2
Status: Downloaded newer image for nginx:latest
docker.io/library/nginx:latest
最多不能超过128层,镜像只读,分层
容器就相当于在镜像上加了一个读写层,容器的销毁就是读写层的销毁
读写层的操作,主要基于两种方式:写时复制和用时分配。
dockers的存储驱动查看
[root@docker-server3 ~]# docker info
Client:
Debug Mode: false Server:
Containers:
Running:
Paused:
Stopped:
Images:
Server Version: 19.03.
Storage Driver: overlay2 #存储驱动
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: journald
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: b34a5c8af56e510852c35414db4c1f4fa6172339
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.-957.27..el7.x86_64
Operating System: CentOS Linux (Core)
OSType: linux
Architecture: x86_64
CPUs:
Total Memory: .777GiB
Name: docker-server3
ID: YB6S:6D3D:477B:5UMR:IEX2:2PBD:D6BI:GDYI:22MD:GWSX:4TBX:2LLS
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/
Live Restore Enabled: false WARNING: API is accessible on http://0.0.0.0:2375 without encryption.
Access to the remote API is equivalent to root access on the host. Refer
to the 'Docker daemon attack surface' section in the documentation for
more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
二 commit制作Docker镜像
2.1 下载基础镜像
[root@docker-server3 ~]# docker pull centos:7
: Pulling from library/centos
ab5ef0e58194: Pull complete
Digest: sha256:4a701376d03f6b39b8c2a8f4a8e499441b0d567f9ab9d58e4991de4472fb813c
Status: Downloaded newer image for centos:
docker.io/library/centos:
[root@docker-server3 ~]# docker run -it centos:7 /bin/bash
[root@20b4b48c4055 /]#
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20b4b48c4055 centos: "/bin/bash" seconds ago Up seconds admiring_wilbur
[root@20b4b48c4055 /]# ps -ef|grep ssh
2.2 安装一个ssh服务
请参考https://www.cnblogs.com/zyxnhr/p/11809167.html
[root@20b4b48c4055 /]# ps -a
PID TTY TIME CMD
pts/ :: sshd
pts/ :: ps
2.3 修改root密码
[root@20b4b48c4055 /]# echo 123456|passwd --stdin root
2.4 从宿主机连接
[root@docker-server3 ~]# docker inspect 20b4b48c4055 |grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.2",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.2",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.2
The authenticity of host '192.168.0.2 (192.168.0.2)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.2' (ECDSA) to the list of known hosts.
root@192.168.0.2's password:123456
[root@20b4b48c4055 ~]#
连接进入
[root@20b4b48c4055 ~]# ps -a
PID TTY TIME CMD
pts/ :: sshd
pts/ :: ps
[root@20b4b48c4055 ~]# exit
2.5 向容器拷贝文件
[root@docker-server3 ~]# docker cp /etc/sysconfig/network-scripts/ifcfg-ens33 20b4b48c4055:/tmp/
[root@20b4b48c4055 /]# cat /tmp/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="be414379-7791-472c-9a0a-bf732fe9d484"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.132.133
GATEWAY=192.168.132.2
2.6 安装vim
[root@20b4b48c4055 /]# yum -y install vim
2.7 创建镜像
[root@docker-server3 ~]# docker commit -m "install sshd and vim" 20b4b48c4055 openssh:v1.0
sha256:d98ba06569f3ed7c00e1371b71a0ab328bacd57f5717bb4066b425c7b12abc3a
[root@docker-server3 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
openssh v1. d98ba06569f3 seconds ago 361MB
nginx latest f7bb5701a33c days ago 126MB
busybox latest 6d5fcfe5ff17 days ago .22MB
hub.darren.com/library/alpine 3.7 cc0abc535e36 days ago .59MB
centos 5e35e350aded weeks ago 203MB
三 镜像的测试使用修改
3.1 使用刚创建的镜像,起一个容器
[root@docker-server3 ~]# docker run -it -d openssh:v1.0
d865deaee6e83724a76a5eae88d8e356b5fe7416b5a8dbf9e1a9dd077ed7731a
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d865deaee6e8 openssh:v1. "/bin/bash" seconds ago Up seconds sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_wil
[root@docker-server3 ~]# docker inspect d865deaee6e8|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.3",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.3",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# docker exec -it d865deaee6e8 /bin/bash
[root@d865deaee6e8 /]# /usr/sbin/sshd -D
3.2 测试连接
[root@docker-server3 ~]# ssh root@192.168.0.3
The authenticity of host '192.168.0.3 (192.168.0.3)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.3' (ECDSA) to the list of known hosts.
root@192.168.0.3's password:123456
3.3 检验容器内容
[root@d865deaee6e8 ~]# cat /tmp/ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="be414379-7791-472c-9a0a-bf732fe9d484"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.132.133
GATEWAY=192.168.132.2
[root@d865deaee6e8 ~]# rpm -qa|grep vim
vim-minimal-7.4.-.el7.x86_64
vim-common-7.4.-.el7.x86_64
vim-enhanced-7.4.-.el7.x86_64
vim-filesystem-7.4.-.el7.x86_64
[root@d865deaee6e8 ~]# rpm -qa|grep openssh
openssh-.4p1-.el7.x86_64
openssh-server-.4p1-.el7.x86_64
3.4 修改容器的默认前台进程
容器的默认主进程是PID问1的主进程,所以刚才的镜像在启动后,主进程是/bin/bash
[root@20b4b48c4055 /]# ps -ef
root : pts/ :: /bin/bash
root : pts/ :: /usr/sbin/sshd -D
root : pts/ :: ps -ef
需要再启动之前,使用/usr/sbin/sshd -D 替换/bin/bash
[root@docker-server3 ~]# docker run -it -d openssh:v1.0 /usr/sbin/sshd -D
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
395c705716a5 openssh:v1. "/usr/sbin/sshd -D" seconds ago Up seconds laughing_edison
d865deaee6e8 openssh:v1. "/bin/bash" minutes ago Up minutes sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_w
[root@docker-server3 ~]# docker inspect 395c705716a5|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.4",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.4",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.4
The authenticity of host '192.168.0.4 (192.168.0.4)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.4' (ECDSA) to the list of known hosts.
root@192.168.0.4's password:
Last login: Tue Dec :: from gateway
[root@395c705716a5 ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 17:41 pts/0 00:00:00 /usr/sbin/sshd -D
root : ? :: sshd: root@pts/
root : pts/ :: -bash
root : pts/ :: ps -ef
3.5 修改镜像
因为这个容器的PID为1的进程是/usr/sbin/sshd -D,在这个容器的基础上,制作一个新的镜像,让这个镜像的容器的默认前台进程为/usr/sbin/sshd -D
[root@docker-server3 ~]# docker commit -m "new default front process" 395c705716a5 openssh:v1.2
[root@docker-server3 ~]# docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
openssh v1. c399a750ed03 seconds ago 361MB
openssh v1. d98ba06569f3 minutes ago 361MB
nginx latest f7bb5701a33c days ago 126MB
busybox latest 6d5fcfe5ff17 days ago .22MB
hub.darren.com/library/alpine 3.7 cc0abc535e36 days ago .59MB
centos
3.7 测试检验
[root@docker-server3 ~]# docker run -d openssh:v1.2
08359e84c3a1f1cfe3742ba9a2348719ca9818e3d56c5817fbde70c31e27f714
[root@docker-server3 ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
08359e84c3a1 openssh:v1. "/usr/sbin/sshd -D" seconds ago Up seconds intelligent_williams
395c705716a5 openssh:v1. "/usr/sbin/sshd -D" minutes ago Up minutes laughing_edison
d865deaee6e8 openssh:v1. "/bin/bash" minutes ago Up minutes sleepy_feistel
20b4b48c4055 centos: "/bin/bash" minutes ago Up minutes admiring_wilbur
[root@docker-server3 ~]# docker inspect 08359e84c3a1|grep IP
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": ,
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
"IPAddress": "192.168.0.5",
"IPPrefixLen": ,
"IPv6Gateway": "",
"IPAMConfig": null,
"IPAddress": "192.168.0.5",
"IPPrefixLen": ,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": ,
[root@docker-server3 ~]# ssh root@192.168.0.5
The authenticity of host '192.168.0.5 (192.168.0.5)' can't be established.
ECDSA key fingerprint is SHA256:e+hudnmpzwhC6r++fc+Nsps/8f9jOKCjjErm79GPvak.
ECDSA key fingerprint is MD5:dd:5f::e8:5f:ed:3f:6b:dd:3f:cb::ca:cc:5d:ff.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.5' (ECDSA) to the list of known hosts.
root@192.168.0.5's password:
Last login: Tue Dec :: from gateway
[root@08359e84c3a1 ~]# ps -ef
UID PID PPID C STIME TTY TIME CMD
root : ? :: /usr/sbin/sshd -D
root : ? :: sshd: root@pts/
root : pts/ :: -bash
root : pts/ :: ps -ef
博主声明:本文的内容来源主要来自誉天教育晏威老师,由本人实验完成操作验证,需要的博友请联系誉天教育(http://www.yutianedu.com/),获得官方同意或者晏老师(https://www.cnblogs.com/breezey/)本人同意即可转载,谢谢!
DOCKER学习_010:Docker的文件系统以及制作镜像的更多相关文章
- Docker学习之Docker容器基本使用
Docker学习之Docker容器基本使用 新建容器并启动 命令格式:docker run --options repository:tag 后台运行 命令格式:-d 已存在的容器相关操作 启动:do ...
- Docker学习之Docker镜像基本使用
Docker学习之Docker镜像基本使用 获取镜像 命令格式:docker pull [选项] [Docker Registry 地址[:端口号]/]仓库名[:标签] 例如: docker pull ...
- Docker学习笔记 — Docker私有仓库搭建
Docker学习笔记 — Docker私有仓库搭建 目录(?)[-] 环境准备 搭建私有仓库 测试 管理仓库中的镜像 查询 删除 Registry V2 和Mavan的管理一样,Dockers ...
- Docker学习(六)Dockerfile构建自定义镜像
Docker学习(六)Dockerfile构建自定义镜像 前言 通过前面一篇文章可以知道怎么去使用一个镜像搭建服务,但是,如何构造自己的一个镜像呢,docker提供了dockerfile可以让我们自己 ...
- Docker 学习3 Docker镜像管理基础
一.docker 常用操作及原理 1.docker 常用操作 2.docker 机制 1.docker client端是通过http或者https与server端通信的.个 2.docker 镜像可以 ...
- Docker学习笔记 - Docker部署nginx网站
一.制作 nginx 镜像 1.下载配置文件 mkdir /opt/nginx_docker && cd /opt/nginx_docker mkdir nginx && ...
- Docker学习笔记 - Docker容器内部署redis
Docker学习笔记(2-4)Docker应用实验-redist server 和client的安装使用 一.获取redis容器(含客户端和服务端) 二.创建服务端容器 1.在终端A中运行redis- ...
- Docker学习笔记 - Docker的基本概念
一.cs架构 Docker客户端:本地或远程 Docker服务端:守护进程Docker Daemon 二.基本概念 Docker镜像:打包阶段,层叠的只读文件系统,引导->root(ubuntu ...
- Docker学习笔记 - Docker的守护进程
学习目标: 查看Docker守护进程的运行状态 启动.停止.重启Docker守护进程 Docker守护进程的启动选项 修改和查看Docker守护进程的启动选项 1.# 查看docker运行状态 方 ...
随机推荐
- 2017 ACM-ICPC 亚洲区(西安赛区)网络赛C. Sum【脑洞题】
限制:1000ms 32768K Define the function S(x) for xx is a positive integer. S(x) equals to the sum of al ...
- ROW_NUMBER(),不允许并列名次、相同值名次不重复,结果如123456……
将score按ID分组排名:row_number() over(partition by id order by score desc) 将score不分组排名:row_number() over(o ...
- QT开发ROS遇到问题:execute_process(/usr/bin/python"/home/fu/catkin_ws/build/catkin_genetated/generate_cached_setup.py)..........
具体如上图显示,网上给的方法是重装ros和重新创建ROS工作空间.经过这样做以后发现问题依然存在. 最后考虑可能是没有加载ROS的环境变量.(我的qtcreator中已经有了创建ros工程的项目,但是 ...
- vue element 中自定义传值
一直以来都不知道如何传自定义的值,一直只会默认的,今天终于找到方法了. 比如这个上传图片的控件,想带当前的index过去,就这样写.其它的类似 :http-request="(file,fi ...
- 模板—tarjan缩点
void tarjan(int x) { dfn[x]=++cnt;low[x]=cnt; vi[x]=; stack[++top]=x; for(rint i=f(x);i;i=n(i)) if(! ...
- Window setTimeout() 方法
定义和用法 setTimeout() 方法用于在指定的毫秒数后调用函数或计算表达式. 注意:如果你只想重复执行可以使用 setInterval() 方法. 可以使用clearTimeout()方法来阻 ...
- torch.nn.LSTM()函数维度详解
123456789101112lstm=nn.LSTM(input_size, hidden_size, num_la ...
- 深入java面向对象四:Java 内部类种类及使用解析(转)
内部类Inner Class 将相关的类组织在一起,从而降低了命名空间的混乱. 一个内部类可以定义在另一个类里,可以定义在函数里,甚至可以作为一个表达式的一部分. Java中的内部类共分为四种: 静态 ...
- 安装scipy失败提示lapack not found
从python库网站下载numpy+mkl合集包通过pip安装在下载scipy安装包通过pip安装即可
- HttpServletRequest获得Url里面传来的值
URL地址:http://XXXXX/manage/welcome?loginUser=123456String []str = request.getParameterValues("lo ...